Course description

Increasing use of computers and networks in business, government,
recreation, and almost all aspects of daily life has led to a
proliferation of online sensitive data, i.e., data that, if used
improperly, can harm the data subjects. As a result, concern about the
ownership, control, privacy, and accuracy of these data has become a
top priority. This course focuses on both the technical challenges of
handling sensitive data and the policy and legal issues facing data
subjects, data owners, and data users.

This course is suitable for graduate students in computer science,
advanced undergraduate computer science majors, and students in other
programs with some computer science background. Course readings will
draw on a variety of sources, including both technical materials and
the popular press. The course will include a privacy-related project. Projects are largely student-directed, and
can include activities such as a programming project, a research paper
describing new results (or documenting failed attempts to obtain such
results), a survey article describing the state of the art in a
particular research area, a public policy or legal argument, or an
article suitable for the popular press.

We will start some of our class meetings with a discussion of one or
more privacy-related case studies. For each, we will frame our
discussion around a series of questions.
Please bring the questions with you to every class.

Grading

70% of your grade is determined by a course project, which is due in
four "deliverables" plus an in-class presentation. Each deliverable
should reflect thoughtful revision of earlier work as well as new
work. 30% of your grade is based on your the quality and quantity of
your participation in class discussion. Quantity without quality
will be penalized.

15%

Project: initial proposals

Due
Sep. 29

10%

Project: revised proposals

Due
Oct. 13

15%

Project: interim reports

Due
Nov. 10

15%

Project: final reports

Due
Dec. 3

15%

Project: final presentations

Dec. 8 and 10

30%

Class participation

Throughout

Each project component is due at the start of class on the
specified day. Lateness on any project deliverable will be penalized
at a rate of 5% of the available points per day.

Syllabus

Here is a partial syllabus, to be extended as the semester progresses.

Required reading: Robert Gellman's paper on Privacy,
Consumers, and Costs
Optional reading: You may also wish to browse some of the papers and
other resources at Alessandro Acquisti's page on The Economics of Privacy.

We will use a list of questions in
addressing our case studies. Please bring the questions to class each time.

You are responsible for reading the assigned material for each class
before the class, so that you can participate fully in class
discussions.

Additional required readings may be added later.

Other Resources:

Some readings and other resources you may find interesting and/or
helpful for your project as below. More will be added throughout the
semester.

Books:

Privacy on the Line, by Whitfield Diffie and Susan
Landau, MIT Press, 1998.

Technology and Privacy: The New Landscape, by Philip
E. Agre and Marc Rotenberg, MIT Press, 1997.

The Transparent Society, by David Brin, Perseus Books,
1998.

Code and Other Laws of Cyberspace, by Lawrence Lessig,
Basic Books, 1999.

Free Culture, by Lawrence Lessig, Penguin Press, 2004.

Technical Papers:

Privacy-Enhancing Technologies
Symposium, now in its 8th year. A technical conference that
brings together "anonymity and privacy experts from around the world
to discuss recent advances and new perspectives in privacy for the
Internet and other communication networks." (Quoted from the
symposium web pages.)

Workshop on Privacy in the Electronic Society, sponsored by the
ACM, run annually for the last few
years in the Fall.

Computers, Freedom, and Privacy,
now in
its 18th year. Diverse audience, including "attendees not only from
government, business, education, and non-profits, but also from the
community of computer professionals, hackers, crackers and engineers
who work the code of cyberspace." (Quoted from the conference web
pages.)

The PORTIA project,
a 5-year project I am involved in addressing handling of sensitive
information. Funded by the National Science Foundation.